package cn.xzqwjw.taskmanager.security.handler;

import cn.xzqwjw.taskmanager.domain.vo.ResponseVo;
import cn.xzqwjw.taskmanager.utils.ResponseUtil;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 当前的用户登录状态失效。这就需要我们清除服务端的用户状态
 * 退出登录接口并不是 permitAll， 只有携带对应用户的凭证才退出
 * 将退出结果返回给请求方
 * 退出登录后用户可以通过重新登录来认证该用户
 *
 * @author rush
 */
@Component
public class CustomLogoutSuccessHandler implements LogoutSuccessHandler {

  @Override
  public void onLogoutSuccess(HttpServletRequest request,
                              HttpServletResponse response,
                              Authentication authentication) {
    SecurityContextHolder.clearContext();
    ResponseUtil.writeJsonJwt(response, "", ResponseVo.success());
  }

}
